This article is not a guide about how to handle a notifiable breach. By now, you’re all familiar with the ICO Guidance on that. This piece is about the day to day handling of incidents based on over a decade of first-hand experience about what works, and what doesn’t. Keep it simple. If the breach/incident …

At the Protecture seminar on e-Privacy at the end of November, Rowenna Fielding reminded us that PECR is about more than just consent for electronic direct marketing. I don’t think that Rowenna meant to alarm anyone, just a gentle poke in the ribs to get your online house in order before the new ePrivacy Regulation …

The Information and Records Management Society (IRMS) and Protecture were delighted to formally launch the IRMS Third Sector Retention and Disposal Toolkit and Schedule at an event in Central London last week. Attendees from a number of charities, not-for-profits and companies heard Scott Sammons, Chair of the IRMS, argued passionately for the benefits of record …

As the Data Protection Act 1998 (DPA98) comes to an end, we have a first! The first maximum fine under the old law was issued in September to Equifax Ltd. If you’ve heard any of the Data Protection Leads here at Protecture speak about basic security issues facing organisations, you will have heard us talk …

With the news that the changes to ePrivacy law have now been delayed until 2020, now is a good time to evaluate whether your organisation’s practices are already in line with existing electronic privacy law. The ePrivacy Regulation is likely to strengthen the current provisions of PECR in similar ways to which GDPR strengthened previous …

What would you say? 20 questions from the ICO The findings from the ICO’s latest Information Risk reviews highlight the many and varied areas that data protection risk touches upon. We turned the findings into the 20 key questions you should ask yourself about data protection at your organisations. Do you have a clear Data …

On the 1st of August a hugely popular website, Reddit, announced that it had been hacked. If you’ve not seen it, Reddit is a vaguely social network (explored further below) where registered members can post links, news and discuss almost anything on a series of message boards. Users need an email address and password but are seemingly anonymous …

Unless you have been living under a rock for the past few weeks, you will have noticed that Facebook’s business practices have been coming under the microscope of public scrutiny. It’s been well-known for a long time among the data protection and marketing communities that Facebook operates by harvesting, generating and acquiring large amounts of …

Not App-y Last week, Digital Minister Matt Hancock MP, released an app aimed at members of his constituency, to help them engage and raise subjects of interest with him as their MP. However, within a few hours of its release, it became evident that the app had major flaws which posed a threat to privacy …

This week a trial is ongoing in the High Court which many data protection professionals and in-house lawyers are watching carefully. It is part of a class action by the employees of Morrisons (the supermarket chain) who were affected by the exposure of their payroll data in 2014 by a former colleague with a grudge; …

Newsletter Sign Up

We use cookies to track activity on this site to tell us how it is being used and how we can improve. Details of the cookies are in our Privacy Information. There's no profiling involved. If that's OK with you, please click 'OK', if not, click 'No Thanks'OKNo ThanksPrivacy Information